Well, you'll note that I got a Linux plug in my earlier post... but I also have some wider Windows experience (before my MCSE lapsed), and it is possible to run Windows NT (WNT) or later (incl. 2000, XP, Vista, 7) using UNIX-style security principles. In a Domain environment you can enforce restrictions as appropriate, such as installing applications remotely, and stopping Users from getting to system files.

Unfortunately, a home user has to be his or her own system administrator, and is not trained for it. It should be as simple as: log in as Administrator only to do system maintenance tasks, such as installing programs. All other times, log in as an ordinary user: not a "Power User". You can select "Run As Administrator" for quick jobs. I think Microsoft has dropped the ball here: they should be doing more to communicate basic security principles, in addition to enforcing them. Vista made a poor initial impression by enforcing draconian measures without really explaining why - something Windows 7 reportedly improves on.

Geek note: WNT is closer to VMS than UNIX, since several senior VMS designers were hired by Microsoft to help design WNT. Take VMS, add one to each letter...